Dynamic authorization batching in a dispersed storage network

ABSTRACT

A method for execution by a dispersed storage and task (DST) processing unit includes queuing authorization requests, corresponding to received operation requests, in response to determining that first system utilization data indicates a first utilization level that compares unfavorably to a normal utilization threshold. A first batched authorization request that includes the queued authorization requests is generated for transmission to an Identity and Access Management (IAM) system in response to determining that the first request queue compares unfavorably to a first queue limit condition. A second queue limit condition that is different from the first queue limit condition is determined based on second system utilization data. A second batched authorization request that includes a second plurality of authorization requests of a second request queue is generated in response to determining that the second request queue compares unfavorably to the second queue limit condition.

STATEMENT REGARDING FEDERALLY SPONSORED RESEARCH OR DEVELOPMENT

Not applicable.

INCORPORATION-BY-REFERENCE OF MATERIAL SUBMITTED ON A COMPACT DISC

Not applicable.

BACKGROUND OF THE INVENTION Technical Field of the Invention

This invention relates generally to computer networks and moreparticularly to dispersing error encoded data.

Description of Related Art

Computing devices are known to communicate data, process data, and/orstore data. Such computing devices range from wireless smart phones,laptops, tablets, personal computers (PC), work stations, and video gamedevices, to data centers that support millions of web searches, stocktrades, or on-line purchases every day. In general, a computing deviceincludes a central processing unit (CPU), a memory system, userinput/output interfaces, peripheral device interfaces, and aninterconnecting bus structure.

As is further known, a computer may effectively extend its CPU by using“cloud computing” to perform one or more computing functions (e.g., aservice, an application, an algorithm, an arithmetic logic function,etc.) on behalf of the computer. Further, for large services,applications, and/or functions, cloud computing may be performed bymultiple cloud computing resources in a distributed manner to improvethe response time for completion of the service, application, and/orfunction. For example, Hadoop is an open source software framework thatsupports distributed applications enabling application execution bythousands of computers.

In addition to cloud computing, a computer may use “cloud storage” aspart of its memory system. As is known, cloud storage enables a user,via its computer, to store files, applications, etc. on an Internetstorage system. The Internet storage system may include a RAID(redundant array of independent disks) system and/or a dispersed storagesystem that uses an error correction scheme to encode data for storage.

Application US20170060459A1 to Applicant discloses a method forexecution by a DST execution unit that includes receiving an accessrequest that includes an authorization token from a computing device viaa network, generating authorization data based on the access request,Executing the access requests, and transmitting a result of the accessrequest to the computing device via the network when the authorizationdata includes a verification indicator. An invalid token notification isgenerated for transmission to the computing device when theauthorization data includes an invalid token indicator.

Application US20170315735A1 to Applicant discloses selection of a firstproper subset of dispersed storage and task (DST) execution units of adispersed storage network (DSN) by a processing system. The processingsystem batches access requests over a time period in accordance with thefirst proper subset of the DST execution units of the DSN to limit theaccess requests to the first proper subset of DST execution units of theDSN during the time period.

U.S. Grant U.S. Pat. No. 9,798,621B2 to Applicant discloses a managingunit connected to a network that broadcasts and updates secure accesscontrol list information across the network. Upon a target devicereceiving the broadcast, the target device creates and sends an accesscontrol list change notification message to all other system devicesthat should have received the same broadcast if the broadcast is a validrequest to update access control list information. The target devicewaits for responses from the other system devices to validate that thebroadcast has been properly sent to a threshold number of other systemdevices before taking action to operationally change local data inaccordance with the broadcast.

The limitations and disadvantages of conventional and traditionalapproaches will become apparent to one of ordinary skill in the artthrough comparison of such systems with the present disclosure.

BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWING(S)

FIG. 1 is a schematic block diagram of an embodiment of a dispersed ordistributed storage network (DSN) in accordance with the presentinvention;

FIG. 2 is a schematic block diagram of an embodiment of a computing corein accordance with the present invention;

FIG. 3 is a schematic block diagram of an example of dispersed storageerror encoding of data in accordance with the present invention;

FIG. 4 is a schematic block diagram of a generic example of an errorencoding function in accordance with the present invention;

FIG. 5 is a schematic block diagram of a specific example of an errorencoding function in accordance with the present invention;

FIG. 6 is a schematic block diagram of an example of a slice name of anencoded data slice (EDS) in accordance with the present invention;

FIG. 7 is a schematic block diagram of an example of dispersed storageerror decoding of data in accordance with the present invention;

FIG. 8 is a schematic block diagram of a generic example of an errordecoding function in accordance with the present invention;

FIG. 9A is a schematic block diagram of an embodiment of a dispersed ordistributed storage network (DSN) in accordance with the presentinvention;

FIG. 9B is a schematic block diagram of an embodiment of a dispersed ordistributed storage network (DSN) in accordance with the presentinvention;

FIG. 9C is a schematic block diagram of an embodiment of a networkswitch in accordance with the present invention;

FIG. 9D is a schematic block diagram of an embodiment of a dispersed ordistributed storage network (DSN) in accordance with the presentinvention;

FIG. 10A is a logic diagram of an example of a method of dynamicauthorization batching in accordance with the present invention;

FIG. 10B is a logic diagram of an example of a method of dynamicauthorization batching in accordance with the present invention; and

FIG. 10C is a logic diagram of an example of a method of dynamicauthorization batching in accordance with the present invention.

DETAILED DESCRIPTION OF THE INVENTION

FIG. 1 is a schematic block diagram of an embodiment of a dispersed, ordistributed, storage network (DSN) 10 that includes a plurality ofcomputing devices 12-16, a managing unit 18, an integrity processingunit 20, and a DSN memory 22. The components of the DSN 10 are coupledto a network 24, which may include one or more wireless and/or wirelined communication systems; one or more non-public intranet systemsand/or public internet systems; and/or one or more local area networks(LAN) and/or wide area networks (WAN).

The DSN memory 22 includes a plurality of storage units 36 that may belocated at geographically different sites (e.g., one in Chicago, one inMilwaukee, etc.), at a common site, or a combination thereof. Forexample, if the DSN memory 22 includes eight storage units 36, eachstorage unit is located at a different site. As another example, if theDSN memory 22 includes eight storage units 36, all eight storage unitsare located at the same site. As yet another example, if the DSN memory22 includes eight storage units 36, a first pair of storage units are ata first common site, a second pair of storage units are at a secondcommon site, a third pair of storage units are at a third common site,and a fourth pair of storage units are at a fourth common site. Notethat a DSN memory 22 may include more or less than eight storage units36. Further note that each storage unit 36 includes a computing core (asshown in FIG. 2, or components thereof) and a plurality of memorydevices for storing dispersed error encoded data.

In various embodiments, each of the storage units operates as adistributed storage and task (DST) execution unit, and is operable tostore dispersed error encoded data and/or to execute, in a distributedmanner, one or more tasks on data. The tasks may be a simple function(e.g., a mathematical function, a logic function, an identify function,a find function, a search engine function, a replace function, etc.), acomplex function (e.g., compression, human and/or computer languagetranslation, text-to-voice conversion, voice-to-text conversion, etc.),multiple simple and/or complex functions, one or more algorithms, one ormore applications, etc. Hereafter, a storage unit may be interchangeablyreferred to as a dispersed storage and task (DST) execution unit and aset of storage units may be interchangeably referred to as a set of DSTexecution units.

Each of the computing devices 12-16, the managing unit 18, and theintegrity processing unit 20 include a computing core 26, which includesnetwork interfaces 30-33. Computing devices 12-16 may each be a portablecomputing device and/or a fixed computing device. A portable computingdevice may be a social networking device, a gaming device, a cell phone,a smart phone, a digital assistant, a digital music player, a digitalvideo player, a laptop computer, a handheld computer, a tablet, a videogame controller, and/or any other portable device that includes acomputing core. A fixed computing device may be a computer (PC), acomputer server, a cable set-top box, a satellite receiver, a televisionset, a printer, a fax machine, home entertainment equipment, a videogame console, and/or any type of home or office computing equipment.Note that each managing unit 18 and the integrity processing unit 20 maybe separate computing devices, may be a common computing device, and/ormay be integrated into one or more of the computing devices 12-16 and/orinto one or more of the storage units 36. In various embodiments,computing devices 12-16 can include user devices and/or can be utilizedby a requesting entity generating access requests, which can includerequests to read or write data to storage units in the DSN.

Each interface 30, 32, and 33 includes software and hardware to supportone or more communication links via the network 24 indirectly and/ordirectly. For example, interface 30 supports a communication link (e.g.,wired, wireless, direct, via a LAN, via the network 24, etc.) betweencomputing devices 14 and 16. As another example, interface 32 supportscommunication links (e.g., a wired connection, a wireless connection, aLAN connection, and/or any other type of connection to/from the network24) between computing devices 12 & 16 and the DSN memory 22. As yetanother example, interface 33 supports a communication link for each ofthe managing unit 18 and the integrity processing unit 20 to the network24.

Computing devices 12 and 16 include a dispersed storage (DS) clientmodule 34, which enables the computing device to dispersed storage errorencode and decode data as subsequently described with reference to oneor more of FIGS. 3-8. In this example embodiment, computing device 16functions as a dispersed storage processing agent for computing device14. In this role, computing device 16 dispersed storage error encodesand decodes data on behalf of computing device 14. With the use ofdispersed storage error encoding and decoding, the DSN 10 is tolerant ofa significant number of storage unit failures (the number of failures isbased on parameters of the dispersed storage error encoding function)without loss of data and without the need for a redundant or backupcopies of the data. Further, the DSN 10 stores data for an indefiniteperiod of time without data loss and in a secure manner (e.g., thesystem is very resistant to unauthorized attempts at accessing thedata).

In operation, the managing unit 18 performs DS management services. Forexample, the managing unit 18 establishes distributed data storageparameters (e.g., vault creation, distributed storage parameters,security parameters, billing information, user profile information,etc.) for computing devices 12-14 individually or as part of a group ofuser devices. As a specific example, the managing unit 18 coordinatescreation of a vault (e.g., a virtual memory block associated with aportion of an overall namespace of the DSN) within the DSN memory 22 fora user device, a group of devices, or for public access and establishesper vault dispersed storage (DS) error encoding parameters for a vault.The managing unit 18 facilitates storage of DS error encoding parametersfor each vault by updating registry information of the DSN 10, where theregistry information may be stored in the DSN memory 22, a computingdevice 12-16, the managing unit 18, and/or the integrity processing unit20.

The DSN managing unit 18 creates and stores user profile information(e.g., an access control list (ACL)) in local memory and/or withinmemory of the DSN memory 22. The user profile information includesauthentication information, permissions, and/or the security parameters.The security parameters may include encryption/decryption scheme, one ormore encryption keys, key generation scheme, and/or dataencoding/decoding scheme.

The DSN managing unit 18 creates billing information for a particularuser, a user group, a vault access, public vault access, etc. Forinstance, the DSN managing unit 18 tracks the number of times a useraccesses a non-public vault and/or public vaults, which can be used togenerate a per-access billing information. In another instance, the DSNmanaging unit 18 tracks the amount of data stored and/or retrieved by auser device and/or a user group, which can be used to generate aper-data-amount billing information.

As another example, the managing unit 18 performs network operations,network administration, and/or network maintenance. Network operationsincludes authenticating user data allocation requests (e.g., read and/orwrite requests), managing creation of vaults, establishingauthentication credentials for user devices, adding/deleting components(e.g., user devices, storage units, and/or computing devices with a DSclient module 34) to/from the DSN 10, and/or establishing authenticationcredentials for the storage units 36. Network administration includesmonitoring devices and/or units for failures, maintaining vaultinformation, determining device and/or unit activation status,determining device and/or unit loading, and/or determining any othersystem level operation that affects the performance level of the DSN 10.Network maintenance includes facilitating replacing, upgrading,repairing, and/or expanding a device and/or unit of the DSN 10.

The integrity processing unit 20 performs rebuilding of ‘bad’ or missingencoded data slices. At a high level, the integrity processing unit 20performs rebuilding by periodically attempting to retrieve/list encodeddata slices, and/or slice names of the encoded data slices, from the DSNmemory 22. For retrieved encoded slices, they are checked for errors dueto data corruption, outdated version, etc. If a slice includes an error,it is flagged as a ‘bad’ slice. For encoded data slices that were notreceived and/or not listed, they are flagged as missing slices. Badand/or missing slices are subsequently rebuilt using other retrievedencoded data slices that are deemed to be good slices to produce rebuiltslices. The rebuilt slices are stored in the DSN memory 22.

FIG. 2 is a schematic block diagram of an embodiment of a computing core26 that includes a processing module 50, a memory controller 52, mainmemory 54, a video graphics processing unit 55, an input/output (IO)controller 56, a peripheral component interconnect (PCI) interface 58,an 10 interface module 60, at least one 10 device interface module 62, aread only memory (ROM) basic input output system (BIOS) 64, and one ormore memory interface modules. The one or more memory interfacemodule(s) includes one or more of a universal serial bus (USB) interfacemodule 66, a host bus adapter (HBA) interface module 68, a networkinterface module 70, a flash interface module 72, a hard drive interfacemodule 74, and a DSN interface module 76.

The DSN interface module 76 functions to mimic a conventional operatingsystem (OS) file system interface (e.g., network file system (NFS),flash file system (FFS), disk file system (DFS), file transfer protocol(FTP), web-based distributed authoring and versioning (WebDAV), etc.)and/or a block memory interface (e.g., small computer system interface(SCSI), internet small computer system interface (iSCSI), etc.). The DSNinterface module 76 and/or the network interface module 70 may functionas one or more of the interface 30-33 of FIG. 1. Note that the IO deviceinterface module 62 and/or the memory interface modules 66-76 may becollectively or individually referred to as IO ports.

FIG. 3 is a schematic block diagram of an example of dispersed storageerror encoding of data. When a computing device 12 or 16 has data tostore it disperse storage error encodes the data in accordance with adispersed storage error encoding process based on dispersed storageerror encoding parameters. Here, the computing device stores data object40, which can include a file (e.g., text, video, audio, etc.), or otherdata arrangement. The dispersed storage error encoding parametersinclude an encoding function (e.g., information dispersal algorithm(IDA), Reed-Solomon, Cauchy Reed-Solomon, systematic encoding,non-systematic encoding, on-line codes, etc.), a data segmentingprotocol (e.g., data segment size, fixed, variable, etc.), and per datasegment encoding values. The per data segment encoding values include atotal, or pillar width, number (T) of encoded data slices per encodingof a data segment i.e., in a set of encoded data slices); a decodethreshold number (D) of encoded data slices of a set of encoded dataslices that are needed to recover the data segment; a read thresholdnumber (R) of encoded data slices to indicate a number of encoded dataslices per set to be read from storage for decoding of the data segment;and/or a write threshold number (W) to indicate a number of encoded dataslices per set that must be accurately stored before the encoded datasegment is deemed to have been properly stored. The dispersed storageerror encoding parameters may further include slicing information (e.g.,the number of encoded data slices that will be created for each datasegment) and/or slice security information (e.g., per encoded data sliceencryption, compression, integrity checksum, etc.).

In the present example, Cauchy Reed-Solomon has been selected as theencoding function (a generic example is shown in FIG. 4 and a specificexample is shown in FIG. 5); the data segmenting protocol is to dividethe data object into fixed sized data segments; and the per data segmentencoding values include: a pillar width of 5, a decode threshold of 3, aread threshold of 4, and a write threshold of 4. In accordance with thedata segmenting protocol, the computing device 12 or 16 divides dataobject 40 into a plurality of fixed sized data segments (e.g., 1 throughY of a fixed size in range of Kilo-bytes to Tera-bytes or more). Thenumber of data segments created is dependent of the size of the data andthe data segmenting protocol.

The computing device 12 or 16 then disperse storage error encodes a datasegment using the selected encoding function (e.g., Cauchy Reed-Solomon)to produce a set of encoded data slices. FIG. 4 illustrates a genericCauchy Reed-Solomon encoding function, which includes an encoding matrix(EM), a data matrix (DM), and a coded matrix (CM). The size of theencoding matrix (EM) is dependent on the pillar width number (T) and thedecode threshold number (D) of selected per data segment encodingvalues. To produce the data matrix (DM), the data segment is dividedinto a plurality of data blocks and the data blocks are arranged into Dnumber of rows with Z data blocks per row. Note that Z is a function ofthe number of data blocks created from the data segment and the decodethreshold number (D). The coded matrix is produced by matrix multiplyingthe data matrix by the encoding matrix.

FIG. 5 illustrates a specific example of Cauchy Reed-Solomon encodingwith a pillar number (T) of five and decode threshold number of three.In this example, a first data segment is divided into twelve data blocks(D1-D12). The coded matrix includes five rows of coded data blocks,where the first row of X11-X14 corresponds to a first encoded data slice(EDS 1_1), the second row of X21-X24 corresponds to a second encodeddata slice (EDS 2_1), the third row of X31-X34 corresponds to a thirdencoded data slice (EDS 3 1), the fourth row of X41-X44 corresponds to afourth encoded data slice (EDS 4 1), and the fifth row of X51-X54corresponds to a fifth encoded data slice (EDS 5_1). Note that thesecond number of the EDS designation corresponds to the data segmentnumber.

Returning to the discussion of FIG. 3, the computing device also createsa slice name (SN) for each encoded data slice (EDS) in the set ofencoded data slices. A typical format for a slice name 80 is shown inFIG. 6. As shown, the slice name (SN) 80 includes a pillar number of theencoded data slice (e.g., one of 1-T), a data segment number (e.g., oneof 1-Y), a vault identifier (ID), a data object identifier (ID), and mayfurther include revision level information of the encoded data slices.The slice name functions as, at least part of, a DSN address for theencoded data slice for storage and retrieval from the DSN memory 22.

As a result of encoding, the computing device 12 or 16 produces aplurality of sets of encoded data slices, which are provided with theirrespective slice names to the storage units for storage. As shown, thefirst set of encoded data slices includes EDS 1_1 through EDS 5_1 andthe first set of slice names includes SN 1_1 through SN 5_1 and the lastset of encoded data slices includes EDS 1_Y through EDS 5_Y and the lastset of slice names includes SN 1_Y through SN 5_Y.

FIG. 7 is a schematic block diagram of an example of dispersed storageerror decoding of a data object that was dispersed storage error encodedand stored in the example of FIG. 4. In this example, the computingdevice 12 or 16 retrieves from the storage units at least the decodethreshold number of encoded data slices per data segment. As a specificexample, the computing device retrieves a read threshold number ofencoded data slices.

To recover a data segment from a decode threshold number of encoded dataslices, the computing device uses a decoding function as shown in FIG.8. As shown, the decoding function is essentially an inverse of theencoding function of FIG. 4. The coded matrix includes a decodethreshold number of rows (e.g., three in this example) and the decodingmatrix in an inversion of the encoding matrix that includes thecorresponding rows of the coded matrix. For example, if the coded matrixincludes rows 1, 2, and 4, the encoding matrix is reduced to rows 1, 2,and 4, and then inverted to produce the decoding matrix.

FIG. 9A is a schematic block diagram of another embodiment of adispersed storage network (DSN) that includes a DST processing unit 910,a plurality of requestors 920, a plurality of storage units 1-n, anIdentity and Access Management (IAM) system 930, and the network 24 ofFIG. 1. The DST processing unit 910, some or all of the requestors 920,some or all of the storage units 1-n, and the IAM system 930 can includethe interface 32 of FIG. 1, the computing core 26 of FIG. 1, and/or theDS client module 34 of FIG. 1. The DST processing unit 910 of the DSNfunctions to relieve network congestion and system utilization bybatching authentication and/or authentication requests transmitted tothe IAM system 930, and/or can dynamically adjust that behavior tooptimize the tradeoff between utilization and latency.

Each storage unit can be implemented utilizing the storage unit 36 ofthe DSN memory 22 of FIG. 1. The DST processing unit 910 can beimplemented by utilizing computing device 16, for example functioning adispersed storage processing agent for computing device 14 as describedpreviously, and/or can be implemented by utilizing one or more storageunits 36, for example, functioning as a dispersed storage and task unit.The DST processing unit can be also implemented by utilizing any systemthat includes a processor and memory, operable to facilitate executionof access requests and other operation requests to some or all storageunits 36 of DSN memory 22, operable to monitor utilization of DSN memory22, and/or operable to monitor congestion and/or network utilization ofnetwork 24. Some or all of the requestors 920 can be implemented byutilizing computing device 12, 14, or 16, can correspond to a userdevice, and/or can be implemented by utilizing any system that includesa processor and memory, responsible for sending operation requests tothe DST processing unit via network 24. The IAM system 930 can beimplemented by utilizing computing device 16, the managing unit 18 ofFIG. 1, the integrity processing unit 20, or any system communicatingwith network 24 that includes a processor and memory and is operable toauthenticate and/or authorize operation requests to the DST processingunit 910.

When a requestor 920 initiates an operation into DSN memory, thatrequestor must be authorized to ensure that they are permitted toperform such an operation. The IAM system 930 is operable to performsuch an authorization. In normal utilization conditions, thisauthorization can be performed in-line with each operation. In otherwords, when an operation is performed, the authorization occursimmediately.

However, circumstances may arise where reducing the traffic to the IAMsystem is advantageous or required to avoid impacting availabilityand/or reliability. One example is when the IAM system is in anoverloaded condition and reducing the traffic would help reduce itsutilization. Another example is when the network experiences abnormalcongestion, and where reducing the overall network traffic would helpalleviate such congestion. Applying Dynamic Authorization Batching, asdescribed herein, can automatically tune itself to reduce the traffic toan IAM system in such conditions.

Applying Dynamic Authorization Batching can include at least one of thefollowing main aspects: (1) the process by which the DST processing unit910, and/or another element of the DSN memory 22, gains an understandingof the current capacity and utilization of the system; (2) theapplication of that understanding for optimizing flow control of futureauthorization requests; and (3) the monitoring of such optimizations toquantifiably measure its benefit.

As a part of understanding the current system capacity and utilization,DST processing unit 910 can first become aware of the different systemcomponents that participate in the authorization process and theirpotential capacity, such as network switches or other routing componentsof network 24, the IAM system 930, storage units 1-n, and/or othercomponents of the DSN. Such information could be obtained via configuredand/or dynamic component and network topology discovery.

Next, the DSN memory can dynamically become aware of the currentutilization of each system component and how it impacts their totalcapabilities. For example, the DST processing unit 910 can dynamicallylearn about the capacity and utilization percentage of an IAM system 930via periodic capacity advertisements. Alternatively or in addition, theDST processing unit 910 can periodically query the congestion andutilization of some or all network switches and/or other various networkelements of network 24 that are traversed during the authorizationprocess.

For example, as shown in FIG. 9B, authorization requests from the DSTprocessing unit 910 to the IAM system 930 can be routed via a pluralityof network switches 1-n of the network 24. Some or all network switches1-n can be implemented by utilizing the switch 960 of FIG. 9C, whichincludes at least one network interface 962, a memory 964, and aprocessing system 966, all connected via bus 968. The switches 1-n canbe operable to store executable instructions in memory 964 that, whenexecuted by the processing system 966, cause the switch 960 to send andreceive, via one or more ports of the at least one network interface962, network traffic via wired and/or wireless connections to otherswitches and/or other components of network 24. Some or all of thenetwork switches 1-n can also be operable to monitor and sendutilization data to the DST processing unit, for example, based onnetwork traffic and/or congestion experienced. Alternatively, networktraffic and/or congestion to some or all network switches 1-n can bemonitored by other entities of the DSN for transmission to the DSTprocessing unit 910.

In some embodiments, the DST processing unit generates currentutilization data based on a plurality of received utilization levelsfrom the IAM system and/or network elements, for example, where theutilization data is generated based on a sum, average, and/or aggregateanalysis of the received utilization levels. The plurality ofutilization levels can be received in response to a plurality ofutilization level requests generated by the DST processing unit 910 andtransmitted to the plurality of components of the DSN memory. The DSTprocessing unit 910 can determine to request the plurality ofutilization levels in predetermined time intervals, in response toreceiving a request, in response to determining that system utilizationhas changed, in response to a request or other information received fromthe IAM system 930, and/or via a determination based on other factors.The DST processing unit 910 can determine a different plurality ofcomponents from which to request utilization levels in subsequentdeterminations of the utilization data at later times, for example, inresponse to determining that different components are participating inthe authorization process. In various embodiments, one or more otherelements of the DSN are responsible for collecting reported utilizationand/or determining the utilization data, and the DST processing unit 910can request the utilization data and/or otherwise receive theutilization data from the one or more other elements.

Once current system capacity is learned, the DSN memory can apply thatunderstanding to perform dynamic batching on the authorization requests.The batching method can favor optimizing requester perceived latency (atthe expense of requestor perceived latency) during periods of systemcongestion. Alternatively or in addition, the batching method can becomemore aggressive in terms of how many requests are batched together,depending on the severity of system congestion.

In an example of operation, a requestor 920 can send an operationrequest to the DST processing unit 910 that requires authorization. Forexample, the operation request can include read request, a writerequest, an access request, or another type of request involving dataobjects dispersed storage error encoded and stored in the plurality ofstorage units 1-n. The DST processing unit 910 can send an authorizationrequest to the IAM system 930 automatically upon receiving the operationrequest, in response to determining that the system is within normalutilization conditions. For example, the DST processing unit 910 cancompare a system utilization level of the current utilization data to aconfigured, normal utilization threshold, and can determine the systemutilization level indicates normal system utilization when the systemutilization level compares favorably to the normal utilizationthreshold. The IAM system 930 can determine whether the operationrequest by the requestor is authorized based on the receivedauthorization request, and can send an authorization success or anauthorization failure in response. If an authorization success isreceived from the IAM system 930, the DST processing unit 910 canexecute the operation request accordingly. If an authorization failureis received, the DST processing unit can abstain from executing therequest and/or can generate an authorization failure notification fortransmission to the requestor and/or to entities deemed responsible fordata indicated in the operation request

Over time, the DST processing unit 910 can determine that the system isover-utilized based on subsequent utilization data, for example,generated based on a plurality of subsequent utilization levels of theplurality of DSN components. For example, the DST processing unit candetermine that the utilization data compares unfavorably to the normalutilization threshold to determine that the system is over-utilized. Inresponse to determining the system is over-utilized, as new operationrequests send from one or more requestors 920 to the DST processingunit, the corresponding authorization requests are queued rather thantransmitted to the IAM system 930 directly. For example, authorizationrequests can be stored in in queue 915 of a cache and/or local memorysuch as memory 54 of the computing core of the DST processing unit 910.

The DST processing unit 910 can later determine to send some or all ofthe authorization requests in the queue as a batched request. The DSTprocessing unit can generate a single batched request to includeauthorization request information corresponding to the requests in thequeue in response, and can sent the single batched request to the IAMsystem 930. The DST processing unit 910 can make this determination tosend the queued requests based on determining the request queue comparesunfavorably to a queue limit condition. For example, the DST processingunit 910 can send the queued authorization requests as a batched requestin response to determining the number of authorization requests in thequeue meets or exceeds a queue size threshold. Alternatively or inaddition, the DST processing unit 910 can determine to send theauthorization requests in the queue as a batched request in response todetermining that a time since receiving the first request in the queuemeets or exceeds a queuing time limit. In various embodiments, the DSTprocessing unit 910 determines to send the authorization requests in thequeue as a batched request in response to either of these conditionsoccurring, and/or in response to one of a plurality of queuing limitconditions that is triggered first. As discussed herein, this queuelimit condition that automatically triggers the batching andtransmission of the request queue can be determined by the DSTprocessing unit 910 based on the current system utilization data.

The IAM system 930 can extract the authorization request information foreach of the corresponding plurality of requests in the batch request todetermine authorization success or failure for each of the plurality ofrequests of the batch request. The IAM system 930 can generate a batchedresponse that indicates success or failure of each of the plurality ofauthorization requests of the batched requests. For example, asauthorization responses indicating success or failure are determined foreach request, the authorization responses can be queued by the IAMsystem 930. The IAM system 930 can send the authorization responses inits queue as a single, batched response back to the DST processing unit910 once the authorization responses for each of the requests of thebatched request are generated. Alternatively, the IAM system 930 cansend the authorization responses one at a time, as they are generated,back to the DST processing unit 910.

In some embodiments, the IAM system 930 can generate batched responsesbased on its own queue limit conditions, such as its own size thresholdand/or queuing time limit. For example, the IAM system 930 can determineto send a batched response to the DST processing unit 910 that indicatesresponses for only a portion of the requests in the batch request.Conversely, the IAM system 930 can determine to keep the responses inthe queue after all of the requests have been processed and wait forfurther batched requests from the DST processing unit 910 to be receivedand processed to be included in the queue, and can send the queue ofresponses corresponding to multiple batched requests as a single batchedresponse.

The DST processing unit 910 can determine that the system has returnedto a normal utilization level, for example, by comparing the utilizationdata to the normal utilization threshold, and can determine to againsend authorization requests to the IAM system upon receiving thecorresponding operation request from requestors, without batching.

The effectiveness of the batching can be measured by the DST processingunit, or one or more other entities in the DSN, by observing the systemcapacity and other statistics as reported by components of the DSN overtime. For example, the DST processing unit 910 can monitor theauthorization request rate between the DST processing unit 910 and theIAM system 930. Alternatively or in addition, the DST processing unit910 can monitor failed authorization requests that occur because ofcongestion or congestion related rate limiting. Alternatively or inaddition, the DST processing unit 910 can monitor perceived latency ofsome or all requestors. Under conditions of normal utilization,requestor perceived latency should be low and authorization request rateshould be high. When the system undergoes higher utilization levels, therequestor perceived latency should increase and the authorizationrequest rate should decrease. This self-tuning can assist in moving thesystem back to normal utilization, normal user perceived latency, and/ormaintaining low authorization failure rate.

To perform this self-tuning, the queue limit conditions such as thequeue size threshold and/or the queuing time limit of the DST processingunit 910, and/or the IAM system 930, can be set to different valuesbased on changing system utilization, and thus can be a function of theutilization data as updated utilization data is received. For example,in response to determining the system utilization has reduced from agreat over-utilization to becoming only slightly over-utilized, the DSTprocessing unit 910 can begin to send smaller batch requests and/or sendbatch requests more frequently. Conversely, in response to determiningthe system utilization has increased from a slight over-utilization tobecoming greatly over-utilized, the DST processing unit 910 can being tosend larger batch requests and/or send batch requests less frequently.In response to determining the system is at a normal utilization level,the DST processing unit can send authorization requests immediatelywithout batching. The IAM system 930 can determine to send larger andsmaller batch responses, and/or send batch responses more or lessfrequently based on changing system utilization, in a similar fashion.As system utilization changes over time, for example, as new utilizationlevels of DSN components is collected to generate updated utilizationdata, the queue size threshold and/or the queuing time limit can beupdated by the DST processing unit 910 and/or the IAM system 930accordingly in response.

In some embodiments, the queue limit conditions such as the queue sizethreshold and/or the queuing time limit can also be a function of themeasured effectiveness of the system, perceived latency requirements ofsome or all of the requestors, and/or the number or proportion of failedauthorization requests that occur, for example, because of congestion orcongestion related rate limiting. For example, if a proportion of failedauthorization requests exceeds a threshold, the DST processing unit 910can determine to increase the queue size threshold and/or the queue timelimit. As another example, if requestor perceived latency of some or allrequestors exceeds a latency time limit, the DST processing unit candetermine to decrease the queue size threshold and/or the queue timelimit. The queue limit conditions can be a function of some or all ofthese factors, and these factors can be assigned weights, which canchange over time as part of this self-tuning. In some embodiments,determining the queue limit conditions can include performing anoptimization function to optimize the trade-off between requestorperceived latency, network utilization, IAM congestion, and/orproportion of failed authorization requests accordingly, by utilizingthese assigned weights.

In some embodiments, the system utilization level of the utilizationdata can be determined, for example, by comparing the collection ofreported utilization to a plurality of system utilization levelthresholds. For example, utilization of the system can be determined tofall within one of N system utilization levels of increasing utilizationby comparing the utilization data to the N system utilization levels.The queue size threshold and/or the queuing time limit can be anincreasing function of N and/or can otherwise be an increasing functionof system utilization level. A lowest level can correspond to a normalutilization level, where the queue size threshold is set to one and/orwhere the queuing time limit indicates to send the authorization requestat the time the operation request is received.

Alternatively or in addition, the utilization level can indicate anover-utilization value of the system, which can be determined bycalculating a utilization differential of the utilization data from thenormal utilization threshold. For example, the normal utilizationthreshold can be subtracted from an aggregate utilization value of theutilization data to compute the utilization differential, where theaggregate utilization value is calculated based on the plurality ofreceived utilization levels. The queue size threshold and/or the queuingtime limit can be an increasing function of the utilization differentialwhen the utilization data compares unfavorably to the normal utilizationthreshold. When the utilization data compares favorably to the normalutilization threshold, indicating normal utilization levels, the queuesize threshold can be set to one and/or the queuing time limit canindicate to send the authorization request at the time the operationrequest is received. The over-utilization can be computed by the DSTprocessing unit 910 as a weighted sum, weighted average, and/or otherweighted function of the plurality of utilization levels, where thecorresponding weight of each of the received utilization levels is basedon how much the corresponding DSN component is determined affect systemlatency.

The utilization data and/or corresponding queue limit conditionsdetermined by the IAM system 930 can be different from the DSTprocessing unit 910 as a result of congestion factors of the IAM system,for example, that are either unknown to the DST processing unit orirrelevant to the DST processing unit. For example, as shown in FIG. 9D,some embodiments can include multiple DST processing units 910 that sendauthorization requests to the IAM system 930. In such embodiments, theIAM system can determine its utilization data based on traffic receivedfrom multiple DST processing units 910 in the system, all sending theirown batched or unbatched authorization requests. A single DST processingunit 910 may not consider this traffic caused by other DST processingunits 910 in determining its queue limit conditions, and/or may considerdifferent factors such different congestion and/or utilization data,requestor priorities and/or different perceived requestor latencyrequirements, or other factors that are either unknown to the IAM system930 or irrelevant to the IAM system 930, thus leading to differing queuesize thresholds and/or differing queuing time limits. Alternatively, theIAM system 930 can send capacity information, network traffic data,and/or congestion information based on traffic from the multiple DSTprocessing units 910 to some or all of the DST processing units 910.Some or all of the DST processing unit 910 can determine to use thisinformation when determining their utilization data. In suchembodiments, this strategy can be used to synchronize queue sizethreshold and/or the queuing time limit between the IAM system and someor all DST processing units 910, for example, in response to system-wideutilization changes. Alternatively, the IAM system 930 can generate itsbatched responses to match the number of batched requests of thecorresponding DST processing unit by default, and thus will notdetermine its own queue limit conditions.

In some embodiments, the DST processing unit 910 can determine to sendthe authorization requests in the queue as a batched request in responseto determining that one or more requests in the queue corresponds to anurgent or otherwise high priority operation type and/or corresponds to ahigh priority requestor. In some embodiments, high priority operationscan supersede the queue limit conditions, where some or all requests inthe request queue are batched and transmitted before the queue limitconditions are reached. For example, the DST processing unit 910 candetermine whether or not a received request is high priority uponreceiving the request. In response to determining that the request ishigh priority, the DST processing unit 910 can determine to batch anauthorization request corresponding to the high priority operation alongwith the authorization requests already in the queue for transmission tothe IAM system, or can determine to send the single authorizationrequest corresponding to the high priority operation when there are noother authorization requests in the queue. As another example, some orall requests in the queue can have a corresponding operation deadlineand/or authorization deadline, determined by the DST processing unitand/or included in the request. The DST processing unit, in response todetermining that any request in the authorization queue is approachingits operation deadline and/or authorization deadline, and/or in responseto otherwise determining that the current time compares unfavorably tothe operation deadline and/or authorization deadline, can proceed togenerate the batched authorization request with all the requests in thequeue and send the batched authorization request to the IAM system.

Such a prioritization of the requestors 920 can be utilized inembodiments where requestor perceived latency is a factor utilized indetermining the queue limit conditions. The queue limit conditions canbe a function of the requestor perceived latency of the plurality ofrequestors 920, which can be weighted by a priority assigned to therequestor 920 and/or a priority assigned to an operation request sent bythe requestor 920. For example, a higher weight assigned to a higherpriority requestor 920 result in a greater reduction in the queue sizethreshold and/or the queue time limit, and thus result in a greaterreduction of the perceived latency of the high priority requestor(perhaps at the expense of the system utilization and/or congestion tothe IAM system 930). Meanwhile, a lower priority requestor may not befavored in the same way, with a much smaller improvement, or noimprovement, in perceived latency.

In various embodiments, a processing system of a dispersed storage andtask (DST) processing unit includes at least one processor and a memorythat stores operational instructions, that when executed by the at leastone processor cause the processing system to determine first systemutilization data. A first operation request is received, and a firstrequest queue that includes a first authorization request correspondingto the first operation request is generated in response to determiningthat the first system utilization data indicates a first utilizationlevel that compares unfavorably to a normal utilization threshold. Afirst queue limit condition is determined in response to generating thefirst request queue, based on the first system utilization data. A firstsubsequent operation request corresponding the first subsequentoperation request is received and appended to the first request queue. Afirst batched authorization request that includes a first plurality ofauthorization requests of the first request queue is generated inresponse to determining that the first request queue comparesunfavorably to the first queue limit condition. The first batchedauthorization request to an IAM system, and a first plurality ofauthorization responses are received from the IAM system, correspondingto the first plurality of authorization requests of the first requestqueue. A first subset of the first plurality of authorization responsesthat indicate authorization success are identified, and execution of asubset of a plurality of operation requests corresponding to the firstsubset of the first plurality of authorization responses is facilitated.

Second system utilization data is determined, and a second operationrequest is received. A second request queue that includes a secondauthorization request corresponding to the second operation request isgenerated in response to determining that the second system utilizationdata indicates a second utilization level that compares unfavorably tothe normal utilization threshold, where the second utilization level isdifferent from the first utilization level. A second queue limitcondition is determined in response to generating the second requestqueue, based on the second system utilization data, where the secondqueue limit condition is different from the first queue limit condition.A second subsequent operation request corresponding to the secondsubsequent operation request is received and appended to the secondrequest queue.

In various embodiments, a second batched authorization request thatincludes a second plurality of authorization requests of the secondrequest queue is generated in response to determining that the secondrequest queue compares unfavorably to the second queue limit condition,and the second batched authorization request is sent to the IAM system.

In various embodiments, third system utilization data is determined. Athird queue limit condition is determined, based on the third systemutilization data, where the third queue limit condition is differentfrom the second queue limit condition. A second batched authorizationrequest that includes a second plurality of authorization requests ofthe second request queue is generated in response determining the thirdqueue limit condition, and in response to determining that the secondrequest queue compares unfavorably third queue limit condition to thethird queue limit condition, where the second request queue comparesfavorably to the second queue limit condition. The second batchedauthorization request is sent to the IAM system.

FIGS. 10A-10C are flowcharts illustrating examples of dynamicauthorization batching. In particular, FIG. 10A presents a method foruse in association with one or more functions and features described inconjunction with FIGS. 1-9D, for execution by a dispersed storage andtask (DST) processing unit that includes a processor or via anotherprocessing system of a dispersed storage network that includes at leastone processor and memory that stores instruction that configure theprocessor or processors to perform the steps described below.

Step 1002 includes determining first system utilization data. Step 1004includes receiving a first operation request. Step 1006 includesgenerating a first request queue that includes a first authorizationrequest corresponding to the first operation request in response todetermining that the first system utilization data indicates a firstutilization level that compares unfavorably to a normal utilizationthreshold. Step 1008 includes determining a first queue limit conditionin response to generating the first request queue, based on the firstsystem utilization data.

Step 1010 includes receiving a first subsequent operation request. Step1012 includes appending a first subsequent authorization requestcorresponding the first subsequent operation request to the firstrequest queue. Step 1014 includes generating a first batchedauthorization request that includes a first plurality of authorizationrequests of the first request queue in response to determining that thefirst request queue compares unfavorably to the first queue limitcondition. Step 1016 includes sending the first batched authorizationrequest to an Identity and Access Management (IAM) system. Step 1018includes receiving a first plurality of authorization responses from theIAM system corresponding to the first plurality of authorizationrequests of the first request queue. Step 1020 includes identifying afirst subset of the first plurality of authorization responses thatindicate authorization success. Step 1022 includes facilitatingexecution of a subset of a plurality of operation requests correspondingto the first subset of the first plurality of authorization responses.

Step 1024 includes determining second system utilization data. Step 1026includes receiving a second operation request. Step 1028 includesgenerating a second request queue that includes a second authorizationrequest corresponding to the second operation request in response todetermining that the second system utilization data indicates a secondutilization level that compares unfavorably to the normal utilizationthreshold, where the second utilization level is different from thefirst utilization level. Step 1030 includes determining a second queuelimit condition in response to generating the second request queue,based on the second system utilization data, where the second queuelimit condition is different from the first queue limit condition. Step1032 includes receiving a second subsequent operation request.

After step 1032 of FIG. 10A, the method can continue to step 1034 asshown in FIG. 10B. Step 1034 includes appending the second subsequentauthorization request corresponding to the second subsequent operationrequest to the second request queue. Step 1036 includes generating asecond batched authorization request that includes a second plurality ofauthorization requests of the second request queue in response todetermining that the second request queue compares unfavorably to thesecond queue limit condition. Step 1038 includes sending the secondbatched authorization request to the IAM system.

As shown in FIG. 10C, in various embodiments, the method of FIG. 10A cancontinue from step 1032 of FIG. 10A to step 1034, which again includesappending the second subsequent authorization request corresponding tothe second subsequent operation request to the second request queue.From step 1034, the method can continue at step 1040, which includesdetermining third system utilization data. Step 1042 includesdetermining a third queue limit condition, based on the third systemutilization data, where the third queue limit condition is differentfrom the second queue limit condition. Step 1044 includes generating asecond batched authorization request that includes a second plurality ofauthorization requests of the second request queue in responsedetermining the third queue limit condition, and in response todetermining that the second request queue compares unfavorably thirdqueue limit condition to the third queue limit condition, where thesecond request queue compares favorably to the second queue limitcondition. Step 1046 includes sending the second batched authorizationrequest to the IAM system.

In various embodiments, third system utilization data is determined anda receiving a third operation request is received. It is determined tosend a third authorization request corresponding to the third operationrequest to the IAM system as a single authorization request in responseto determining that the third system utilization data indicates a systemutilization level that compares favorably to a normal utilizationthreshold. A single authorization response is received from the IAMsystem corresponding to the third authorization request. Execution ofthe third operation request is facilitated when the single authorizationresponse indicates authorization success.

In various embodiments, a second subset of the first plurality ofauthorization responses that indicate authorization failure isidentified, where an intersection of the second subset of the firstplurality of authorization responses and the first subset of the firstplurality of authorization responses is null. A subset of a plurality ofrequestors that sent a second subset of the plurality of operationrequests corresponding to the second subset of the first plurality ofauthorization responses is identified. An authorization failurenotification is generated for transmission to the subset of theplurality of requestors.

In various embodiments, the first plurality of authorization responsesis received in a first batched authorization response generated by theIAM system. In various embodiments, at least one first response of thefirst plurality of authorization responses is received in a firsttransmission at a first time, at least one second response of the firstplurality of authorization responses is received in a secondtransmission at a second time, and the first time is different from thesecond time.

In various embodiments, the first operation request includes a readrequest that indicates a data object, where a dispersed storage errorencoding function was performed on a data segment of the data object toproduce a set of encoded data slices stored in a set of storage units ofthe DSN. An authorization response that corresponds to the firstoperation request indicates authorization success, and executing thefirst operation request includes retrieving a read threshold number ofthe set of encoded data slices from the set of storage units, as well asperforming a dispersed storage error decoding function on the readthreshold number of the set of encoded data slices to reproduce the datasegment.

In various embodiments, a first plurality of network utilization levelsis received from a set of network components of the DSN, and the firstsystem utilization data is generated based on the first plurality ofnetwork utilization levels. A second plurality of network utilizationlevels are received from the set of network components of the DSN, andthe second system utilization data is generated based on the secondplurality of network utilization levels. In various embodiments, the setof network components of the DSN is a subset of a plurality of networkcomponents of the DSN. The set of network components is determined basedon identifying ones of the plurality of network components of the DSNthat participate in authorization of operation requests. A firstplurality of network utilization level requests is generated fortransmission to the set of network components of the DSN, and the firstplurality of network utilization levels are received in response to thefirst plurality of network utilization level requests. In variousembodiments, the set of network components includes a plurality ofnetwork switches determined to route authorization requests from the DSTprocessing unit to the IAM system.

In various embodiments, a first IAM utilization level is received fromthe IAM system, and the first system utilization data is generated basedon the first IAM utilization level. A second IAM utilization level isreceived from the IAM system, and the second system utilization data isgenerated based on the second IAM utilization level. The first IAMutilization level and the second IAM utilization level are generated bythe IAM based on network traffic to the IAM system.

In various embodiments, the first queue limit condition indicates afirst queue size threshold, and the second queue limit conditionindicates a second queue size threshold. The first queue size thresholdis larger than the second queue size threshold based on the firstutilization level indicating more severe over-utilization than thesecond utilization level. In response, a first number of the firstplurality of authorization requests of the first batched authorizationrequest is greater than a second number of the second plurality ofauthorization requests of the second batched authorization request. Invarious embodiments, determining the first queue limit conditionincludes calculating the first queue size threshold by performing afunction on the first utilization level, and determining the secondqueue limit condition includes calculating the second queue sizethreshold by performing the function on the second utilization level.The function calculates queue size threshold as a monotonicallyincreasing function of utilization level.

In various embodiments, the first queue limit condition indicates afirst queue time limit, and the second queue limit condition indicates asecond queue time limit. The first queue time limit is shorter than thesecond queue time limit based on the second utilization level indicatingless severe over-utilization than the first utilization level. Inresponse, a first time elapsed from generation of the first requestqueue to generation of the first batched authorization request isshorter than a second time elapsed from the generation of the secondrequest queue to the generation of the second batched authorizationrequest. In various embodiments, determining the first queue limitcondition includes calculating the first queue time limit by performinga function on the first utilization level, and determining the secondqueue limit condition includes calculating the second queue time limitby performing the function on the second utilization level. The functioncalculates queue time limit as a monotonically increasing function ofutilization level. In various embodiments, the first queue limitcondition includes a first queue time limit, the second queue limitcondition includes a second queue time limit, and the second queue timelimit is determined to be shorter than the first queue time limit inresponse to determining that the first queue time limit comparesunfavorably to a requestor perceived latency requirement.

In various embodiments, determining the second queue limit condition isfurther based on determining that a proportion of failed authorizationresponses of the first plurality of authorization responses comparesunfavorably to a failed response threshold.

In various embodiments, a non-transitory computer readable storagemedium includes at least one memory section that stores operationalinstructions that, when executed by a processing system of a dispersedstorage network (DSN) that includes a processor and a memory, causes theprocessing system to determine first system utilization data. A firstoperation request is received, and a first request queue that includes afirst authorization request corresponding to the first operation requestis generated in response to determining that the first systemutilization data indicates a first utilization level that comparesunfavorably to a normal utilization threshold. A first queue limitcondition is determined in response to generating the first requestqueue, based on the first system utilization data. A first subsequentoperation request corresponding the first subsequent operation requestis received and appended to the first request queue. A first batchedauthorization request that includes a first plurality of authorizationrequests of the first request queue is generated in response todetermining that the first request queue compares unfavorably to thefirst queue limit condition. The first batched authorization request toan IAM system, and a first plurality of authorization responses arereceived from the IAM system, corresponding to the first plurality ofauthorization requests of the first request queue. A first subset of thefirst plurality of authorization responses that indicate authorizationsuccess are identified, and execution of a subset of a plurality ofoperation requests corresponding to the first subset of the firstplurality of authorization responses is facilitated.

Second system utilization data is determined, and a second operationrequest is received. A second request queue that includes a secondauthorization request corresponding to the second operation request isgenerated in response to determining that the second system utilizationdata indicates a second utilization level that compares unfavorably tothe normal utilization threshold, where the second utilization level isdifferent from the first utilization level. A second queue limitcondition is determined in response to generating the second requestqueue, based on the second system utilization data, where the secondqueue limit condition is different from the first queue limit condition.A second subsequent operation request corresponding to the secondsubsequent operation request is received and appended to the secondrequest queue.

In various embodiments, a second batched authorization request thatincludes a second plurality of authorization requests of the secondrequest queue is generated in response to determining that the secondrequest queue compares unfavorably to the second queue limit condition,and the second batched authorization request is sent to the IAM system.

In various embodiments, third system utilization data is determined. Athird queue limit condition is determined, based on the third systemutilization data, where the third queue limit condition is differentfrom the second queue limit condition. A second batched authorizationrequest that includes a second plurality of authorization requests ofthe second request queue is generated in response determining the thirdqueue limit condition, and in response to determining that the secondrequest queue compares unfavorably third queue limit condition to thethird queue limit condition, where the second request queue comparesfavorably to the second queue limit condition. The second batchedauthorization request is sent to the IAM system.

It is noted that terminologies as may be used herein such as bit stream,stream, signal sequence, etc. (or their equivalents) have been usedinterchangeably to describe digital information whose contentcorresponds to any of a number of desired types (e.g., data, video,speech, audio, etc. any of which may generally be referred to as‘data’).

As may be used herein, the terms “substantially” and “approximately”provides an industry-accepted tolerance for its corresponding termand/or relativity between items. Such an industry-accepted toleranceranges from less than one percent to fifty percent and corresponds to,but is not limited to, component values, integrated circuit processvariations, temperature variations, rise and fall times, and/or thermalnoise. Such relativity between items ranges from a difference of a fewpercent to magnitude differences. As may also be used herein, theterm(s) “configured to”, “operably coupled to”, “coupled to”, and/or“coupling” includes direct coupling between items and/or indirectcoupling between items via an intervening item (e.g., an item includes,but is not limited to, a component, an element, a circuit, and/or amodule) where, for an example of indirect coupling, the intervening itemdoes not modify the information of a signal but may adjust its currentlevel, voltage level, and/or power level. As may further be used herein,inferred coupling (i.e., where one element is coupled to another elementby inference) includes direct and indirect coupling between two items inthe same manner as “coupled to”. As may even further be used herein, theterm “configured to”, “operable to”, “coupled to”, or “operably coupledto” indicates that an item includes one or more of power connections,input(s), output(s), etc., to perform, when activated, one or more itscorresponding functions and may further include inferred coupling to oneor more other items. As may still further be used herein, the term“associated with”, includes direct and/or indirect coupling of separateitems and/or one item being embedded within another item.

As may be used herein, the term “compares favorably”, indicates that acomparison between two or more items, signals, etc., provides a desiredrelationship. For example, when the desired relationship is that signal1 has a greater magnitude than signal 2, a favorable comparison may beachieved when the magnitude of signal 1 is greater than that of signal 2or when the magnitude of signal 2 is less than that of signal 1. As maybe used herein, the term “compares unfavorably”, indicates that acomparison between two or more items, signals, etc., fails to providethe desired relationship.

As may also be used herein, the terms “processing system”, “processingmodule”, “processing circuit”, “processor”, and/or “processing unit” maybe used interchangeably, and may be a single processing device or aplurality of processing devices. Such a processing device may be amicroprocessor, micro-controller, digital signal processor,microcomputer, central processing unit, field programmable gate array,programmable logic device, state machine, logic circuitry, analogcircuitry, digital circuitry, and/or any device that manipulates signals(analog and/or digital) based on hard coding of the circuitry and/oroperational instructions. The processing system, processing module,module, processing circuit, and/or processing unit may be, or furtherinclude, memory and/or an integrated memory element, which may be asingle memory device, a plurality of memory devices, and/or embeddedcircuitry of another processing system, processing module, module,processing circuit, and/or processing unit. Such a memory device may bea read-only memory, random access memory, volatile memory, non-volatilememory, static memory, dynamic memory, flash memory, cache memory,and/or any device that stores digital information. Note that if theprocessing system, processing module, module, processing circuit, and/orprocessing unit includes more than one processing device, the processingdevices may be centrally located (e.g., directly coupled together via awired and/or wireless bus structure) or may be distributedly located(e.g., cloud computing via indirect coupling via a local area networkand/or a wide area network). Further note that if the processing system,processing module, module, processing circuit, and/or processing unitimplements one or more of its functions via a state machine, analogcircuitry, digital circuitry, and/or logic circuitry, the memory and/ormemory element storing the corresponding operational instructions may beembedded within, or external to, the circuitry comprising the statemachine, analog circuitry, digital circuitry, and/or logic circuitry.Still further note that, the memory element may store, and theprocessing system, processing module, module, processing circuit, and/orprocessing unit executes, hard coded and/or operational instructionscorresponding to at least some of the steps and/or functions illustratedin one or more of the Figures. Such a memory device or memory elementcan be included in an article of manufacture.

One or more embodiments have been described above with the aid of methodsteps illustrating the performance of specified functions andrelationships thereof. The boundaries and sequence of these functionalbuilding blocks and method steps have been arbitrarily defined hereinfor convenience of description. Alternate boundaries and sequences canbe defined so long as the specified functions and relationships areappropriately performed. Any such alternate boundaries or sequences arethus within the scope and spirit of the claims. Further, the boundariesof these functional building blocks have been arbitrarily defined forconvenience of description. Alternate boundaries could be defined aslong as the certain significant functions are appropriately performed.Similarly, flow diagram blocks may also have been arbitrarily definedherein to illustrate certain significant functionality.

To the extent used, the flow diagram block boundaries and sequence couldhave been defined otherwise and still perform the certain significantfunctionality. Such alternate definitions of both functional buildingblocks and flow diagram blocks and sequences are thus within the scopeand spirit of the claims. One of average skill in the art will alsorecognize that the functional building blocks, and other illustrativeblocks, modules and components herein, can be implemented as illustratedor by discrete components, application specific integrated circuits,processors executing appropriate software and the like or anycombination thereof.

In addition, a flow diagram may include a “start” and/or “continue”indication. The “start” and “continue” indications reflect that thesteps presented can optionally be incorporated in or otherwise used inconjunction with other routines. In this context, “start” indicates thebeginning of the first step presented and may be preceded by otheractivities not specifically shown. Further, the “continue” indicationreflects that the steps presented may be performed multiple times and/ormay be succeeded by other activities not specifically shown. Further,while a flow diagram indicates a particular ordering of steps, otherorderings are likewise possible provided that the principles ofcausality are maintained.

The one or more embodiments are used herein to illustrate one or moreaspects, one or more features, one or more concepts, and/or one or moreexamples. A physical embodiment of an apparatus, an article ofmanufacture, a machine, and/or of a process may include one or more ofthe aspects, features, concepts, examples, etc. described with referenceto one or more of the embodiments discussed herein. Further, from figureto figure, the embodiments may incorporate the same or similarly namedfunctions, steps, modules, etc. that may use the same or differentreference numbers and, as such, the functions, steps, modules, etc. maybe the same or similar functions, steps, modules, etc. or differentones.

Unless specifically stated to the contra, signals to, from, and/orbetween elements in a figure of any of the figures presented herein maybe analog or digital, continuous time or discrete time, and single-endedor differential. For instance, if a signal path is shown as asingle-ended path, it also represents a differential signal path.Similarly, if a signal path is shown as a differential path, it alsorepresents a single-ended signal path. While one or more particulararchitectures are described herein, other architectures can likewise beimplemented that use one or more data buses not expressly shown, directconnectivity between elements, and/or indirect coupling between otherelements as recognized by one of average skill in the art.

The term “module” is used in the description of one or more of theembodiments. A module implements one or more functions via a device suchas a processor or other processing device or other hardware that mayinclude or operate in association with a memory that stores operationalinstructions. A module may operate independently and/or in conjunctionwith software and/or firmware. As also used herein, a module may containone or more sub-modules, each of which may be one or more modules.

As may further be used herein, a computer readable memory includes oneor more memory elements. A memory element may be a separate memorydevice, multiple memory devices, or a set of memory locations within amemory device. Such a memory device may be a read-only memory, randomaccess memory, volatile memory, non-volatile memory, static memory,dynamic memory, flash memory, cache memory, and/or any device thatstores digital information. The memory device may be in a form asolid-state memory, a hard drive memory, cloud memory, thumb drive,server memory, computing device memory, and/or other physical medium forstoring digital information.

While particular combinations of various functions and features of theone or more embodiments have been expressly described herein, othercombinations of these features and functions are likewise possible. Thepresent disclosure is not limited by the particular examples disclosedherein and expressly incorporates these other combinations.

What is claimed is:
 1. A method for execution by a dispersed storage andtask (DST) processing unit of a dispersed storage network (DSN) thatincludes a processor, the method comprises: determining first systemutilization data; receiving a first operation request; generating afirst request queue that includes a first authorization requestcorresponding to the first operation request in response to determiningthat the first system utilization data indicates a first utilizationlevel that compares unfavorably to a normal utilization threshold;determining a first queue limit condition in response to generating thefirst request queue, based on the first system utilization data;receiving a first subsequent operation request; appending a firstsubsequent authorization request corresponding the first subsequentoperation request to the first request queue; generating a first batchedauthorization request that includes a first plurality of authorizationrequests of the first request queue in response to determining that thefirst request queue compares unfavorably to the first queue limitcondition; sending the first batched authorization request to anIdentity and Access Management (IAM) system; receiving a first pluralityof authorization responses from the IAM system corresponding to thefirst plurality of authorization requests of the first request queue;identifying a first subset of the first plurality of authorizationresponses that indicate authorization success; facilitating execution ofa subset of a plurality of operation requests corresponding to the firstsubset of the first plurality of authorization responses; determiningsecond system utilization data; receiving a second operation request;generating a second request queue that includes a second authorizationrequest corresponding to the second operation request in response todetermining that the second system utilization data indicates a secondutilization level that compares unfavorably to the normal utilizationthreshold, wherein the second utilization level is different from thefirst utilization level; determining a second queue limit condition inresponse to generating the second request queue, based on the secondsystem utilization data, wherein the second queue limit condition isdifferent from the first queue limit condition; receiving a secondsubsequent operation request; appending a second subsequentauthorization request corresponding to the second subsequent operationrequest to the second request queue; generating a second batchedauthorization request that includes a second plurality of authorizationrequests of the second request queue in response to determining that thesecond request queue compares unfavorably to the second queue limitcondition; and sending the second batched authorization request to theIAM system.
 2. The method of claim 1, further comprising: determiningthird system utilization data; receiving a third operation request;determining to send a third authorization request corresponding to thethird operation request to the IAM system as a single authorizationrequest in response to determining that the third system utilizationdata indicates a system utilization level that compares favorably to anormal utilization threshold; receiving a single authorization responsefrom the IAM system corresponding to the third authorization request;and facilitating execution of the third operation request when thesingle authorization response indicates authorization success.
 3. Themethod of claim 1, further comprising: identifying a second subset ofthe first plurality of authorization responses that indicateauthorization failure, wherein an intersection of the second subset ofthe first plurality of authorization responses and the first subset ofthe first plurality of authorization responses is null; identifying asubset of a plurality of requestors that sent a second subset of theplurality of operation requests corresponding to the second subset ofthe first plurality of authorization responses; and generating anauthorization failure notification for transmission to the subset of theplurality of requestors.
 4. The method of claim 1, wherein the firstplurality of authorization responses is received in a first batchedauthorization response generated by the IAM system.
 5. The method ofclaim 1, wherein at least one first response of the first plurality ofauthorization responses is received in a first transmission at a firsttime, wherein at least one second response of the first plurality ofauthorization responses is received in a second transmission at a secondtime, and wherein the first time is different from the second time. 6.The method of claim 1, wherein the first operation request includes aread request that indicates a data object, wherein a dispersed storageerror encoding function was performed on a data segment of the dataobject to produce a set of encoded data slices stored in a set ofstorage units of the DSN, wherein an authorization response thatcorresponds to the first operation request indicates authorizationsuccess, and wherein executing the first operation request includes:retrieving a read threshold number of the set of encoded data slicesfrom the set of storage units; and performing a dispersed storage errordecoding function on the read threshold number of the set of encodeddata slices to reproduce the data segment.
 7. The method of claim 1,further comprising: receiving a first plurality of network utilizationlevels from a set of network components of the DSN; generating the firstsystem utilization data based on the first plurality of networkutilization levels; receiving a second plurality of network utilizationlevels from the set of network components of the DSN; and generating thesecond system utilization data based on the second plurality of networkutilization levels.
 8. The method of claim 7, wherein the set of networkcomponents of the DSN is a subset of a plurality of network componentsof the DSN, further comprising: determining the set of networkcomponents based on identifying ones of the plurality of networkcomponents of the DSN that participate in authorization of operationrequests; and generating a first plurality of network utilization levelrequests for transmission to the set of network components of the DSN,wherein the first plurality of network utilization levels is received inresponse to the first plurality of network utilization level requests.9. The method of claim 8, wherein the set of network components includesa plurality of network switches determined to route authorizationrequests from the DST processing unit to the IAM system.
 10. The methodof claim 1, further comprising: receiving a first IAM utilization levelfrom the IAM system; generating the first system utilization data basedon the first IAM utilization level; receiving a second IAM utilizationlevel from the IAM system; and generating the second system utilizationdata based on the second IAM utilization level; wherein the first IAMutilization level and the second IAM utilization level are generated bythe IAM based on network traffic to the IAM system.
 11. The method ofclaim 1, wherein the first queue limit condition indicates a first queuesize threshold, wherein the second queue limit condition indicates asecond queue size threshold, wherein the first queue size threshold islarger than the second queue size threshold based on the firstutilization level indicating more severe over-utilization than thesecond utilization level, and wherein, in response, a first number ofthe first plurality of authorization requests of the first batchedauthorization request is greater than a second number of the secondplurality of authorization requests of the second batched authorizationrequest.
 12. The method of claim 11, wherein determining the first queuelimit condition includes calculating the first queue size threshold byperforming a function on the first utilization level, whereindetermining the second queue limit condition includes calculating thesecond queue size threshold by performing the function on the secondutilization level, and wherein the function calculates queue sizethreshold as a monotonically increasing function of utilization level.13. The method of claim 1, wherein the first queue limit conditionindicates a first queue time limit, wherein the second queue limitcondition indicates a second queue time limit, wherein the first queuetime limit is shorter than the second queue time limit based on thesecond utilization level indicating less severe over-utilization thanthe first utilization level, and wherein, in response, a first timeelapsed from generation of the first request queue to generation of thefirst batched authorization request is shorter than a second timeelapsed from the generation of the second request queue to thegeneration of the second batched authorization request.
 14. The methodof claim 13, wherein determining the first queue limit conditionincludes calculating the first queue time limit by performing a functionon the first utilization level, wherein determining the second queuelimit condition includes calculating the second queue time limit byperforming the function on the second utilization level, and wherein thefunction calculates queue time limit as a monotonically increasingfunction of utilization level.
 15. The method of claim 13, wherein thefirst queue limit condition includes a first queue time limit, whereinthe second queue limit condition includes a second queue time limit, andwherein the second queue time limit is determined to be shorter than thefirst queue time limit in response to determining that the first queuetime limit compares unfavorably to a requestor perceived latencyrequirement.
 16. The method of claim 1, wherein determining the secondqueue limit condition is further based on determining that a proportionof failed authorization responses of the first plurality ofauthorization responses compares unfavorably to a failed responsethreshold.
 17. A processing system of a dispersed storage and task (DST)processing unit comprises: at least one processor; a memory that storesoperational instructions, that when executed by the at least oneprocessor cause the processing system to: determine first systemutilization data; receive a first operation request; generate a firstrequest queue that includes a first authorization request correspondingto the first operation request in response to determining that the firstsystem utilization data indicates a first utilization level thatcompares unfavorably to a normal utilization threshold; determine afirst queue limit condition in response to generating the first requestqueue, based on the first system utilization data; receive a firstsubsequent operation request; append a first subsequent authorizationrequest corresponding the first subsequent operation request to thefirst request queue; generate a first batched authorization request thatincludes a first plurality of authorization requests of the firstrequest queue in response to determining that the first request queuecompares unfavorably to the first queue limit condition; send the firstbatched authorization request to an Identity and Access Management (IAM)system; receive a first plurality of authorization responses from theIAM system corresponding to the first plurality of authorizationrequests of the first request queue; identify a first subset of thefirst plurality of authorization responses that indicate authorizationsuccess; facilitate execution of a subset of a plurality of operationrequests corresponding to the first subset of the first plurality ofauthorization responses; determine second system utilization data;receive a second operation request; generate a second request queue thatincludes a second authorization request corresponding to the secondoperation request in response to determining that the second systemutilization data indicates a second utilization level that comparesunfavorably to the normal utilization threshold, wherein the secondutilization level is different from the first utilization level;determine a second queue limit condition in response to generating thesecond request queue, based on the second system utilization data,wherein the second queue limit condition is different from the firstqueue limit condition; receive a second subsequent operation request;append a second subsequent authorization request corresponding to thesecond subsequent operation request to the second request queue;generate a second batched authorization request that includes a secondplurality of authorization requests of the second request queue inresponse to determining that the second request queue comparesunfavorably to the second queue limit condition; and send the secondbatched authorization request to the IAM system.
 18. The processingsystem of claim 17, wherein the operational instructions, when executedby the at least one processor, further cause the processing system to:determine third system utilization data; receive a third operationrequest; determine to send a third authorization request correspondingto the third operation request to the IAM system as a singleauthorization request in response to determining that the third systemutilization data indicates a system utilization level that comparesfavorably to a normal utilization threshold; receive a singleauthorization response from the IAM system corresponding to the thirdauthorization request; and facilitate execution of the third operationrequest when the single authorization response indicates authorizationsuccess.
 19. The processing system of claim 17, wherein the operationalinstructions, when executed by the at least one processor, further causethe processing system to: receive a first plurality of networkutilization levels from a set of network components; generate the firstsystem utilization data based on the first plurality of networkutilization levels; receive a second plurality of network utilizationlevels from the set of network components; and generate the secondsystem utilization data based on the second plurality of networkutilization levels.
 20. The processing system of claim 17, wherein theoperational instructions, when executed by the at least one processor,further cause the processing system to: receive a first IAM utilizationlevel from the IAM system; generate the first system utilization databased on the first IAM utilization level; receive a second IAMutilization level from the IAM system; and generate the second systemutilization data based on the second IAM utilization level; wherein thefirst IAM utilization level and the second IAM utilization level aregenerated by the IAM based on network traffic to the IAM system.
 21. Theprocessing system of claim 17, wherein the first queue limit conditionindicates a first queue size threshold, wherein the second queue limitcondition indicates a second queue size threshold, wherein the firstqueue size threshold is larger than the second queue size thresholdbased on the first utilization level indicating more severeover-utilization than the second utilization level, and wherein, inresponse, a first number of the first plurality of authorizationrequests of the first batched authorization request is greater than asecond number of the second plurality of authorization requests of thesecond batched authorization request.
 22. The processing system of claim17, wherein the first queue limit condition indicates a first queue timelimit, wherein the second queue limit condition indicates a second queuetime limit, wherein the first queue time limit is shorter than thesecond queue time limit based on the second utilization level indicatingless severe over-utilization than the first utilization level, andwherein, in response, a first time elapsed from generation of the firstrequest queue to generation of the first batched authorization requestis shorter than a second time elapsed from the generation of the secondrequest queue to the generation of the second batched authorizationrequest.
 23. A computer readable storage medium comprises: at least onememory section that stores operational instructions that, when executedby a processing system of a dispersed storage network (DSN) thatincludes a processor and a memory, causes the processing system to:determine first system utilization data; receive a first operationrequest; generate a first request queue that includes a firstauthorization request corresponding to the first operation request inresponse to determining that the first system utilization data indicatesa first utilization level that compares unfavorably to a normalutilization threshold; determine a first queue limit condition inresponse to generating the first request queue, based on the firstsystem utilization data; receive a first subsequent operation request;append a first subsequent authorization request corresponding the firstsubsequent operation request to the first request queue; generate afirst batched authorization request that includes a first plurality ofauthorization requests of the first request queue in response todetermining that the first request queue compares unfavorably to thefirst queue limit condition; send the first batched authorizationrequest to an Identity and Access Management (IAM) system; receive afirst plurality of authorization responses from the IAM systemcorresponding to the first plurality of authorization requests of thefirst request queue; identify a first subset of the first plurality ofauthorization responses that indicate authorization success; facilitateexecution of a subset of a plurality of operation requests correspondingto the first subset of the first plurality of authorization responses;determine second system utilization data; receive a second operationrequest; generate a second request queue that includes a secondauthorization request corresponding to the second operation request inresponse to determining that the second system utilization dataindicates a second utilization level that compares unfavorably to thenormal utilization threshold, wherein the second utilization level isdifferent from the first utilization level; determine a second queuelimit condition in response to generating the second request queue,based on the second system utilization data, wherein the second queuelimit condition is different from the first queue limit condition;receive a second subsequent operation request; append a secondsubsequent authorization request corresponding to the second subsequentoperation request to the second request queue; generate a second batchedauthorization request that includes a second plurality of authorizationrequests of the second request queue in response to determining that thesecond request queue compares unfavorably to the second queue limitcondition; and send the second batched authorization request to the IAMsystem.
 24. A method for execution by a dispersed storage and task (DST)processing unit of a dispersed storage network (DSN) that includes aprocessor, the method comprises: determining first system utilizationdata; receiving a first operation request; generating a first requestqueue that includes a first authorization request corresponding to thefirst operation request in response to determining that the first systemutilization data indicates a first utilization level that comparesunfavorably to a normal utilization threshold; determining a first queuelimit condition in response to generating the first request queue, basedon the first system utilization data; receiving a first subsequentoperation request; appending a first subsequent authorization requestcorresponding the first subsequent operation request to the firstrequest queue; generating a first batched authorization request thatincludes a first plurality of authorization requests of the firstrequest queue in response to determining that the first request queuecompares unfavorably to the first queue limit condition; sending thefirst batched authorization request to an Identity and Access Management(IAM) system; receiving a first plurality of authorization responsesfrom the IAM system corresponding to the first plurality ofauthorization requests of the first request queue; identifying a firstsubset of the first plurality of authorization responses that indicateauthorization success; facilitating execution of a subset of a pluralityof operation requests corresponding to the first subset of the firstplurality of authorization responses; determining second systemutilization data; receiving a second operation request; generating asecond request queue that includes a second authorization requestcorresponding to the second operation request in response to determiningthat the second system utilization data indicates a second utilizationlevel that compares unfavorably to the normal utilization threshold,wherein the second utilization level is different from the firstutilization level; determining a second queue limit condition inresponse to generating the second request queue, based on the secondsystem utilization data, wherein the second queue limit condition isdifferent from the first queue limit condition; receiving a secondsubsequent operation request; appending a second subsequentauthorization request corresponding to the second subsequent operationrequest to the second request queue; determining third systemutilization data; determining a third queue limit condition, based onthe third system utilization data, wherein the third queue limitcondition is different from the second queue limit condition; generatinga second batched authorization request that includes a second pluralityof authorization requests of the second request queue in responsedetermining the third queue limit condition, and in response todetermining that the second request queue compares unfavorably thirdqueue limit condition to the third queue limit condition, wherein thesecond request queue compares favorably to the second queue limitcondition; and sending the second batched authorization request to theIAM system.
 25. A processing system of a dispersed storage and task(DST) processing unit comprises: at least one processor; a memory thatstores operational instructions, that when executed by the at least oneprocessor cause the processing system to: determine first systemutilization data; receive a first operation request; generate a firstrequest queue that includes a first authorization request correspondingto the first operation request in response to determining that the firstsystem utilization data indicates a first utilization level thatcompares unfavorably to a normal utilization threshold; determine afirst queue limit condition in response to generating the first requestqueue, based on the first system utilization data; receive a firstsubsequent operation request; append a first subsequent authorizationrequest corresponding the first subsequent operation request to thefirst request queue; generate a first batched authorization request thatincludes a first plurality of authorization requests of the firstrequest queue in response to determining that the first request queuecompares unfavorably to the first queue limit condition; send the firstbatched authorization request to an Identity and Access Management (IAM)system; receive a first plurality of authorization responses from theIAM system corresponding to the first plurality of authorizationrequests of the first request queue; identify a first subset of thefirst plurality of authorization responses that indicate authorizationsuccess; facilitate execution of a subset of a plurality of operationrequests corresponding to the first subset of the first plurality ofauthorization responses; determine second system utilization data;receive a second operation request; generate a second request queue thatincludes a second authorization request corresponding to the secondoperation request in response to determining that the second systemutilization data indicates a second utilization level that comparesunfavorably to the normal utilization threshold, wherein the secondutilization level is different from the first utilization level;determine a second queue limit condition in response to generating thesecond request queue, based on the second system utilization data,wherein the second queue limit condition is different from the firstqueue limit condition; receive a second subsequent operation request;append a second subsequent authorization request corresponding to thesecond subsequent operation request to the second request queue;determine third system utilization data; determine a third queue limitcondition, based on the third system utilization data, wherein the thirdqueue limit condition is different from the second queue limitcondition; generate a second batched authorization request that includesa second plurality of authorization requests of the second request queuein response determining the third queue limit condition, and in responseto determining that the second request queue compares unfavorably thirdqueue limit condition to the third queue limit condition, wherein thesecond request queue compares favorably to the second queue limitcondition; and send the second batched authorization request to the IAMsystem.